const { querySQL, escape } = require('../db/mysql')
const { genPassword } = require('../utils/crypto')

const login = (username, password) => {
  username = escape(username) // 转义特殊符号，防止SQL注入
  password = genPassword(genPassword) // 加密密码

  const sql = `select * from users where username=${username} && password='${password}'`

  return querySQL(sql).then(rows => {
    console.log('login-rows', rows)
    return rows[0] || {}
  })
}

module.exports = {
  login
}